package com.rb.common;

import org.nutz.lang.Lang;
import org.nutz.lang.Strings;
import org.nutz.lang.util.NutMap;
import org.nutz.log.Log;
import org.nutz.log.Logs;
import org.nutz.mvc.ActionContext;
import org.nutz.mvc.ActionFilter;
import org.nutz.mvc.View;
import org.nutz.mvc.view.UTF8JsonView;
import org.nutz.mvc.view.VoidView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Enumeration;

/**
 * Created by root on 2017/12/13.
 */
public class CrossOriginFilter implements ActionFilter {

    private static final Log log = Logs.get();

    protected String origin;
    protected String methods;
    protected String headers;
    protected String credentials;

    public CrossOriginFilter() {
        this("*", "GET,POST", "x-requested-with,origin,content-type,accept,token", "true");
    }

    public CrossOriginFilter(String origin, String methods, String headers, String credentials) {
        this.origin = origin;
        this.methods = methods;
        this.headers = headers;
        this.credentials = credentials;
    }

    public View match(ActionContext ac) {
        HttpServletResponse resp = ac.getResponse();
        if (!Strings.isBlank(origin))
            resp.setHeader("Access-Control-Allow-Origin", origin);
        if (!Strings.isBlank(methods))
            resp.setHeader("Access-Control-Allow-Methods", methods);
        if (!Strings.isBlank(headers))
            resp.setHeader("Access-Control-Allow-Headers", headers);
        if (!Strings.isBlank(credentials))
            resp.setHeader("Access-Control-Allow-Credentials", credentials);

        if (!isMethodsValid(ac.getRequest())) {
            if (log.isDebugEnabled())
                log.debugf("非法请求 -- [method=%s] [headers=%s] ", ac.getRequest().getMethod(),getHeadersInfo(ac.getRequest()));
            NutMap map = new NutMap("error", "非法请求");
            UTF8JsonView view = new UTF8JsonView().setData(map);
            return view;
        }
        return null;
    }

    private boolean isMethodsValid(HttpServletRequest request){
        String[] methodArr = methods.split(",");
        return Lang.contains(methodArr,request.getMethod());
    }

     private boolean isHeaderValid(HttpServletRequest request){
         boolean flag = true;
         String[] headerArr = headers.split(",");
         Enumeration headerNames = request.getHeaderNames();
         while (headerNames.hasMoreElements()) {
             String key = (String) headerNames.nextElement();
             //String value = request.getHeader(key);
             flag = Lang.contains(headerArr,key);
         }
         return flag;
     }

    private NutMap getHeadersInfo(HttpServletRequest request) {
        NutMap map = new NutMap();
        Enumeration headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String key = (String) headerNames.nextElement();
            String value = request.getHeader(key);
            map.put(key, value);
        }
        return map;
    }
}
